OpenVPN Access Server Failover Vagrant Setup


Post by charleswang007 » Mon Jan 14, 2019 8:54 pm


I would like to demo HA Failover of two OpenVPN Access Server instances using Vagrant VMs.
I am following instructions at ... over-mode/
Below is my Vagrantfile and after the 2 VMs are up, I installed OpenVPN AS and set up bi-directional SSH access.

# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrant multi-machine setup
Vagrant.configure("2") do |config|
  config.vm.define "vpn1" do |vpn1_config|
    vpn1_config.vm.box = "ubuntu/trusty64"
    vpn1_config.vm.host_name = "vpn1"
    vpn1_config.vm.network :private_network, ip: ""
    vpn1_config.vm.network "forwarded_port", guest: 80, host: 8080
    vpn1_config.vm.network "forwarded_port", guest: 943, host: 1943
  end
  config.vm.define "vpn2" do |vpn2_config|
    vpn2_config.vm.box = "ubuntu/trusty64"
    vpn2_config.vm.host_name = "vpn2"
    vpn2_config.vm.network :private_network, ip: ""
  end
  config.vm.provision "shell", inline: <<-SHELL
    sudo apt-get update
    sudo apt-get install rsync
  SHELL
end

eth0 ( is the Shared Virtual IP and each node gets their private IP (eth1): (Primary) & (Secondary).
I believe I completed all steps mentioned in the instructions, including running "sudo ovpn-init --secondary" to make the secondary node the failover system.
I clicked "Validate" on the Failover page and it succeeded.
But after "Commit and Restart", the failover doesn't seem to work.
Broadcast UCARP/VRRP traffic is not seen on the secondary node (from "sudo tcpdump -eni any vrrp"), and when the openvpnas service is stopped on the primary node, the openvpnas service on the secondary node does not start (from "ps -aux | grep openvpn").

I even tried disabling the firewall on both nodes ("sudo ufw disable") but it didn't help.

Can someone explain what might be wrong with my setup? Do I need additional settings to allow VRRP traffic? I'm kinda lost.


